Fixes #40819 and Fixes #33114 #40892
Conversation
|
Hi @robdaemon. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-ci-robot
added
the
cncf-cla: yes
|
This change is |
k8s-github-robot
added
size/M
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
Corresponding documentation needs a PR https://github.com/kubernetes/kubernetes.github.io/blob/master/docs/getting-started-guides/vsphere.md |
|
We should add support for this https://github.com/kubernetes/kubernetes-anywhere/blob/master/phase1/vsphere/vSphere.jsonnet#L82 |
| @@ -42,6 +41,8 @@ import ( | |||
| "github.com/vmware/govmomi/vim25/types" | |||
| "golang.org/x/net/context" | |||
|
|
|||
| "io/ioutil" | |||
There was a problem hiding this comment.
Can this be moved along with other golang imports
| if cfg.Global.VMUUID != "" { | ||
| vmUUID = cfg.Global.VMUUID | ||
| } else { | ||
| vmUUIDbytes, err := ioutil.ReadFile("/sys/devices/virtual/dmi/id/product_uuid") |
There was a problem hiding this comment.
Add a comment that this needs appropriate privilidges
|
Apart from unit testing were any other tests performed? Would be good to know. |
| @@ -122,12 +123,15 @@ type VSphereConfig struct { | |||
| WorkingDir string `gcfg:"working-dir"` | |||
| // Soap round tripper count (retries = RoundTripper - 1) | |||
| RoundTripperCount uint `gcfg:"soap-roundtrip-count"` | |||
| // VMUUID is the virtual machine's UUID. If not set, will be fetched from the machine. | |||
There was a problem hiding this comment.
We have many UUIDs! How about following;
// VM Instance UUID of virtual machine which can be retrieved from instanceUuid property in VmConfigInfo, or also set as vc.uuid in VMX file) ?
There was a problem hiding this comment.
done - merged your comment with the existing one.
| if cfg.Global.VMUUID != "" { | ||
| vmUUID = cfg.Global.VMUUID | ||
| } else { | ||
| vmUUIDbytes, err := ioutil.ReadFile("/sys/devices/virtual/dmi/id/product_uuid") |
There was a problem hiding this comment.
Can this path change in different linux distros?
There was a problem hiding this comment.
Not that I'm aware of. sysfs is kernel-level, not distro-level. Someone please correct me if I'm wrong :)
|
Thank you for the fix! Does this have any chance to be backported in the 1.5 branch? |
|
@kerneltime - I tested this on a vSphere 6.0 cluster - both by specifying the ID in the config, by running it without that (as root) and running it as non-root. It behaves as expected. |
|
@kerneltime Docs PR is kubernetes/website#2416 |
k8s-github-robot
removed
the
lgtm
|
/lgtm |
|
@kerneltime: you can't LGTM a PR unless you are an assignee. In response to this comment:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-github-robot
added
the
approved
| vmUUID = cfg.Global.VMUUID | ||
| } else { | ||
| // This needs root privileges on the host, and will fail otherwise. | ||
| vmUUIDbytes, err := ioutil.ReadFile("/sys/devices/virtual/dmi/id/product_uuid") |
There was a problem hiding this comment.
This path can be made configurable and defaulted to this value. This way any distro specific concerns can be addressed by an optional item in the config passed in.
|
@k8s-bot ok to test |
|
@roberthbailey this needs a LGTM |
|
That failure looks unrelated to my change? |
|
@k8s-bot gci gce e2e test this |
|
@kerneltime - I added you as an assignee so you should be able to lgtm now |
|
@robdaemon - we generally ask folks to squash their commits after addressing review feedback. If you feel this is ready to merge please squash it into a single commit. |
Start looking up the virtual machine by it's UUID in vSphere again. Looking up by IP address is problematic and can either not return a VM entirely, or could return the wrong VM. Retrieves the VM's UUID in one of two methods - either by a `vm-uuid` entry in the cloud config file on the VM, or via sysfs. The sysfs route requires root access, but restores the previous functionality. Multiple VMs in a vCenter cluster can share an IP address - for example, if you have multiple VM networks, but they're all isolated and use the same address range. Additionally, flannel network address ranges can overlap. vSphere seems to have a limitation of reporting no more than 16 interfaces from a virtual machine, so it's possible that the IP address list on a VM is completely untrustworthy anyhow - it can either be empty (because the 16 interfaces it found were veth interfaces with no IP address), or it can report the flannel IP.
robdaemon
force-pushed
the
vsphere_findbyuuid
branch
from
30f1c09 to
53a0093
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED The following people have approved this PR: kerneltime, robdaemon Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
@roberthbailey - squashed! Thanks! |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
Automatic merge from submit-queue (batch tested with PRs 41223, 40892, 41220, 41207, 41242) |
…-k8s-release-1.4 Automated cherry pick of #40892
What this PR does / why we need it:
Start looking up the virtual machine by it's UUID in vSphere again. Looking up by IP address is problematic and can either not return a VM entirely, or could return the wrong VM.
Retrieves the VM's UUID in one of two methods - either by a
vm-uuidentry in the cloud config file on the VM, or via sysfs. The sysfs route requires root access, but restores the previous functionality.Multiple VMs in a vCenter cluster can share an IP address - for example, if you have multiple VM networks, but they're all isolated and use the same address range. Additionally, flannel network address ranges can overlap.
vSphere seems to have a limitation of reporting no more than 16 interfaces from a virtual machine, so it's possible that the IP address list on a VM is completely untrustworthy anyhow - it can either be empty (because the 16 interfaces it found were veth interfaces with no IP address), or it can report the flannel IP.
Which issue this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close that issue when PR gets merged): fixes #Fixes #40819
Fixes #33114
Special notes for your reviewer:
Release note: